CVE-2020-20988

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2020-20988

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-20988.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2020-20988

Published

2021-08-12T22:15:07.480Z

Modified

2026-03-13T00:35:44.839406Z

Severity

5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

A cross site scripting (XSS) vulnerability in the /domains/cost-by-owner.php component of Domainmod 4.13 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the "or Expiring Between" parameter.

References

https://mycvee.blogspot.com/p/xss2.html

Affected packages

Git / github.com/domainmod/domainmod

Affected ranges

Type

GIT

Repo

https://github.com/domainmod/domainmod

Events

Introduced

Last affected

c2902928f5f408ec833012a01124658f49fe9ca2

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.13.0"
        }
    ]
}

Affected versions

v0.*

v0.1.0

v0.10.0

v0.11.0

v0.11.1

v0.11.2

v0.12.0

v0.13.0

v0.14.0

v0.14.1

v0.15.0

v0.15.1

v0.15.2

v0.16.0

v0.16.1

v0.17.0

v0.18.0

v0.18.1

v0.18.2

v0.18.3

v0.19.0

v0.19.1

v0.19.2

v0.19.3

v0.19.4

v0.2.0

v0.20.0

v0.20.1

v0.20.2

v0.21.0

v0.21.1

v0.21.2

v0.21.3

v0.21.4

v0.21.5

v0.21.6

v0.21.7

v0.21.8

v0.22.0

v0.22.1

v0.22.2

v0.22.3

v0.22.4

v0.22.5

v0.23.0

v0.24.0

v0.24.1

v0.24.2

v0.25.0

v0.25.1

v0.25.2

v0.26.0

v0.26.1

v0.26.2

v0.26.3

v0.26.4

v0.26.5

v0.26.6

v0.27.0

v0.27.1

v0.27.2

v0.27.3

v0.28.0

v0.29.0

v0.3.0

v0.3.1

v0.30.0

v0.30.1

v0.30.2

v0.31.0

v0.31.1

v0.31.2

v0.31.3

v0.31.4

v0.31.5

v0.32.0

v0.32.1

v0.33.0

v0.33.1

v0.33.2

v0.33.3

v0.33.4

v0.33.5

v0.33.6

v0.34.0

v0.34.1

v0.34.2

v0.35.0

v0.36.0

v0.36.1

v0.36.2

v0.36.3

v0.37.0

v0.37.1

v0.38.0

v0.39.0

v0.4.0

v0.4.1

v0.40.0

v0.40.1

v0.40.2

v0.41.0

v0.41.1

v0.41.2

v0.41.3

v0.42.0

v0.43.0

v0.44.0

v0.44.1

v0.44.2

v0.44.3

v0.44.4

v0.44.5

v0.44.6

v0.45.0

v0.45.1

v0.45.2

v0.46.0

v0.47.0

v0.48.0

v0.49.0

v0.5.0

v0.5.1

v0.5.2

v0.50.0

v0.51.0

v0.52.0

v0.53.0

v0.54.0

v0.55.0

v0.55.1

v0.55.2

v0.55.3

v0.56.0

v0.57.0

v0.57.1

v0.58.0

v0.58.1

v0.58.2

v0.59.0

v0.6.0

v0.6.1

v0.60.0

v0.60.1

v0.61.0

v0.61.1

v0.61.2

v0.62.0

v0.63.0

v0.64.0

v0.65.0

v0.66.0

v0.67.0

v0.67.1

v0.68.0

v0.69.0

v0.69.1

v0.7.0

v0.70.0

v0.70.1

v0.70.2

v0.71.0

v0.72.0

v0.73.0

v0.74.0

v0.75.0

v0.76.0

v0.77.0

v0.77.1

v0.78.0

v0.79.0

v0.8.0

v0.8.1

v0.8.2

v0.8.3

v0.80.0

v0.81.0

v0.82.0

v0.82.1

v0.82.2

v0.82.3

v0.82.4

v0.83.0

v0.84.0

v0.84.1

v0.84.2

v0.85.0

v0.85.1

v0.86.0

v0.87.0

v0.88.0

v0.89.0

v0.9.0

v0.91.0

v0.91.1

v0.91.2

v0.91.3

v0.91.4

v0.91.5

v0.92.0

v0.92.1

v0.92.2

v0.93.0

v3.*

v3.0.0

v3.0.1

v3.0.2

v3.0.3

v3.0.4

v3.0.5

v3.0.6

v3.0.7

v3.0.8

v3.0.9

v4.*

v4.00.000

v4.01.000

v4.01.001

v4.01.002

v4.01.003

v4.01.004

v4.01.005

v4.01.006

v4.01.007

v4.01.008

v4.02.000

v4.02.001

v4.03.000

v4.03.001

v4.03.002

v4.04.000

v4.04.001

v4.05.00

v4.05.01

v4.05.02

v4.05.03

v4.06.00

v4.06.01

v4.07.00

v4.08.00

v4.09.00

v4.09.01

v4.09.02

v4.09.03

v4.10.0

v4.11.0

v4.11.01

v4.12.0

v4.13.0

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-20988.json"